Cybersecurity Threat Landscape: Emerging threats and Mitigating Risks in 2024

Cybersecurity threats are rapidly evolving as new threats and sophisticated cybercriminal strategies emerge, creating significant challenges for organizations and the public.

According to the Kaspersky Incident Response Analyst Report 2023, 75% of cyberattack attempts exploited Microsoft Office, with the most common infection vectors being publicly available applications and compromised accounts. Attackers frequently use stolen credentials to conduct remote desktop protocol (RDP) attacks, phishing emails, and malicious files mimicking document templates.

Although attack attempts dropped by 36% in Q1 of 2023 compared to 2022, ransomware and cybersabotage remain the most significant threats.
“Governments were the most prolific target by threat actors followed distantly by manufacturing and financial institutions with the largest cyberthreat risk being ransomware and cybersabotage,” said Igor Kuznetsov, Director, Global Research & Analysis Team (GReAT) at Kaspersky.

Ransomware-as-a-Service (RaaS) has become a prominent trend, with cybercriminals operating like businesses, using affiliates to carry out attacks. Igor dispels three myths: cybercriminals aren’t just IT-educated criminals, ransomware targets aren’t pre-selected, and gangs don’t act alone. RaaS involves collaboration among various specialized actors, from access resellers to negotiators, making ransomware attacks increasingly sophisticated.

“Ultimately, affected organizations must not pay a ransom which will perpetuate and enable more cybercrime,” said Igor. “Victims can often recover their data without paying. Kaspersky maintains a vault of keys and tools to decrypt data locked by various ransomware families. Since 2018, over 1.5 million users worldwide have successfully recovered their data using these resources.”

Supply chain attacks, particularly those involving containerized systems running on open-source software, present another major threat. “Containerized systems often rely on numerous third-party dependencies, introducing significant supply chain risks from both malicious intent and unintentional flaws,” explains Igor. He cites two examples: “The Crowdstrike event caused an outage on millions of devices, demonstrating how a faulty update can have widespread impact.

Additionally, a less publicized attack on XZ Linux utilities could have compromised millions of SSH-enabled devices.”

More information can be found at Kaspersky

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.

The company’s comprehensive security portfolio includes leading endpoint protection, specialised security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.